Einav Cohen has posted comments on this change. Change subject: webadmin: Fix UI plugin REST API / Engine session refresh issue ......................................................................
Patch Set 5: > setting UserSessionTimeOutInterval=2 (2 mins). Chrome 36 logs me out in about > 2 minutes. Firefox 31 takes 4 minutes, though. Thanks for the verification, Greg. I am not sure that the difference that you have observed between Chrome and Firefox has anything to do with the browser; AFAIK, the UserSessionTimeOutInterval value can practically be up to value*2; this is due to the way that the engine invalidates sessions: the frequency in which the engine checks for expired session is 'value' as well. so if e.g. UserSessionTimeOutInterval=2, the engine will check for expired sessions (i.e. sessions that are idle for at least 2 minutes) every 2 minutes. so the following scenario can happen: - 12:00:00: engine expires expired sessions. - 12:00:01: new engine session (s1) is created, and is idle. - 12:02:00: engine expires expired sessions (s1 is idle "only" for 1m59sec, so it cannot be expired). - 12:04:00: engine expires expired sessions (s1 is idle for 3m59sec, and is expired). so s1 is expired only after 3m59sec (i.e. almost 4 minutes, or 2*UserSessionTimeOutInterval), even though UserSessionTimeOutInterval=2. practically, this means that if a ui-plugin will perform a rest-api call after 'UserSessionTimeOutInterval' seconds of being idle (i.e. rest-api-http-session is expired, but engine session still not expired yet necessarily, per the explanation above), then we may see a browser-pop-up asking for credentials for the rest-api. This seems like a very highly unlikely scenario to me (especially after we have removed the ui-plugins heartbeat mechanism), so IMO we can definitely proceed with the patch as it is now. thanks. -- To view, visit http://gerrit.ovirt.org/36622 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I2ffd3198239040f67313238a837af98db16e79ea Gerrit-PatchSet: 5 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Vojtech Szocs <vsz...@redhat.com> Gerrit-Reviewer: Alexander Wels <aw...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Einav Cohen <eco...@redhat.com> Gerrit-Reviewer: Greg Sheremeta <gsher...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Vojtech Szocs <vsz...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
